Amendments to the Claims
This listing of claims will replace all prior versions of claims in the application: 
Listing of Claims: 

1. (Currently amended) A digital rights management system including a processor for use in
an industrial environment comprising: 

a certification component that verifies identity of users on the system [ generates 
certificates for local domain automation devices ]; and 

an access component that establishes rules of use for digital content on the system 
[automation device services ] based at least upon the identity of the users on the system [ user or 
entity as provided by a certificate ].

2. (Original) The system of claim 1, wherein the system is executed by a computer remotely 
located from the automation device. 

3. (Currently amended) The system of claim 2, wherein communication between the users 
[ automation device ] and the certification and access components is over a local area network. 

4. (Original) The system of claim 3, wherein communication is secured via digital 
certificates which bind public keys to specific users and/or entities to facilitate decryption of a 
message as well as identification of a sender. 

5. (Original) The system of claim 4, wherein the message is digitally signed to enable the 
message to be authenticated. 

6. (Original) The system of claim 1, wherein access to the access component is a restricted 
component limited to a particular user or group of users via certificates. 

7. (Original) The system of claim 1, wherein the automation device includes an access
credential component that defines and restricts access to particular objects and services based on 
the identity of the user as established by a certificate. 

8. (Original) The system of claim 7, wherein the automation device includes a virtual key 
component adapted to retrieve identifying information from a certificate. 

9. (Original) The system of claim 7, wherein the access credential component also defines 
and restricts access based on a personal id provided by a SIM card. 

10. (Original) The system of claim 9, wherein the automation device includes a physical key 
component adapted to retrieve identifying information from the SIM card. 

11. (Original) The system of claim 1, wherein the automation device is one of a
programmable logic controller, an I/O device, and a communication adaptor. 

12. (Withdrawn) A secure automation device communication system comprising: 
a certification component; and 

a plurality of automation devices that interact with the certification component to 
generate and receive certificates which bind public keys to specific automation devices to 
facilitate identification of the devices that generate encrypted messages. 

13. (Withdrawn) The system of claim 12, wherein the automation devices include 
programmable logic controllers, I/O devices, and communication adapters. 

14. (Withdrawn) The system of claim 12, wherein the automation devices communicate 
messages over a local area network. 

15. (Withdrawn) The system of claim 12, wherein certificates contain an automation device 
or user name or ID and a public key associated therewith. 

16. (Withdrawn) The system of claim 12, wherein the certification component stores
certificates in a certificate data store isolated from automation devices. 

17. (Withdrawn) The system of claim 12, wherein automation devices contain private keys to 
facilitate encryption and/or decryption of messages. 

18. (Withdrawn) The system of claim 12, wherein a first automation device utilizes one key 
in a public private key pair to create a secure message component that is transmitted to a second 
automation device. 

19. (Withdrawn) The system of claim 18, wherein the second automation device receives the 
secure message component and utilizes the other key in a public private key pair to decrypt the 
message component. 

20. (Withdrawn) The system of claim 12, wherein messages are digitally signed and include 
a message, message digest, and information regarding a hash algorithm. 

21. (Withdrawn) The system of claim 20, wherein the hash algorithm is MD5.

22. (Withdrawn) A method of managing digital rights comprising: 
defining rules of use concerning automation device program privileges; 
downloading the rules to an automation device; 

limiting interaction with the automation device based on the rules and an identity of a
user.

23. (Withdrawn) The method of claim 22, wherein user identity is established via digital 
certificates. 

24. (Withdrawn) The method of claim 23, wherein user digital certificates are generated by a 
local area control component. 

25. (Withdrawn) The method of claim 23, wherein the user identity is established utilizing a
SIM card. 

26. (Withdrawn) The method of claim 23, wherein user identity is established employing 
biometrics. 

27. (Withdrawn) The method of claim 22, wherein user rules prohibit particular users from 
viewing portions of an automation device program. 

28. (Withdrawn) The method of claim 22, wherein user rules prohibit particular users from 
modifying a ladder logic program. 

29. (Withdrawn) A computer readable medium having stored thereon computer executable 
instructions for carrying out the method of claim 22. 

30. (Currently amended) An industrial automation device communication methodology 
comprising: 

encrypting a message to be sent to a automation device utilizing a key derived from a 
certification component; and 

transmitting the encrypted message to the automation device, wherein the certification 
component verifies identity of the automation device of the message, and an access component 
establishes rules of use for the message based at least upon the identity of the automation device. 

31. (Original) The methodology of claim 30, further comprising:

receiving an encrypted message from an automation device or device controller; 
locating a certificate component associated with the automation device sending the 
message; and 

decrypting the message utilizing the public key provided by the certificate component. 

32. (Original) The method of claim 31, wherein the automation device is an industrial
programmable logic controller (PLC). 



10/814,539 03AB111/ALBRP333US



33. (Original) The method of claim 32, wherein the message is a PLC program. 

34. (Original) The method of claim 31, wherein locating the certificate component comprises
searching local automation device store. 

35. (Previously amended) The method of claim 31, wherein locating the certificate comprises
downloading the certificate from the certification component. 

36. (Original) A computer readable medium having stored thereon computer executable 
instructions for carrying out the method of claim 31.

37. (Currently amended) A method of industrial automation device communication 
comprising: 

generating a digitally signed message component comprising a message, a message 
digest, a certificate[ieft] component, and hash function data, wherein the message component is 
generated by a first industrial automation device; and 

transmitting the message component to a second industrial automation device, 
wherein a certification component verifies identity of automation devices, and an access 
component establishes rules of use for the message based at least upon the identity of the 
automation devices. 

38. (Original) The method of claim 37, further comprising encrypting the message 
component prior to transmission. 

39. (Original) The method of claim 38, further comprising receiving and decrypting the 
message component. 

40. (Original) The method of claim 37, further comprising authenticating the message by 
retrieving a hash function in accordance with the hash information, generating a message digest 
by applying the retrieved hash function to the received message and comparing the generated 
message digest with the message digest retrieved from the message component. 

41. (Original) A computer readable medium having stored thereon computer executable
instructions for carrying out the method of claim 37. 